Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/2rFbZWrq7iUMsrNTauMSmygYt90.roa
File: 2rFbZWrq7iUMsrNTauMSmygYt90.roa (raw, json)
Hash identifier: /9QEto6FuYa98qsjPJvzYxBjqGChdiqhPPSXgNfHRDc=
Subject key identifier: DA:B1:5B:65:6A:EA:EE:25:0C:B2:B3:53:6A:E3:12:9B:28:18:B7:DD
Certificate issuer: /CN=9a4fa9a60a5a24ffe614b6dfb58813d925a3b318
Certificate serial: 01843CCBF3F7CE76D72E68385343643C120F
Authority key identifier: 9A:4F:A9:A6:0A:5A:24:FF:E6:14:B6:DF:B5:88:13:D9:25:A3:B3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/2rFbZWrq7iUMsrNTauMSmygYt90.roa
Signing time: Thu 03 Nov 2022 09:21:49 +0000
ROA not before: Thu 03 Nov 2022 09:21:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56515
IP address blocks: 31.128.24.0/24 maxlen: 24
2a04:2b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:cb:f3:f7:ce:76:d7:2e:68:38:53:43:64:3c:12:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4fa9a60a5a24ffe614b6dfb58813d925a3b318
Validity
Not Before: Nov 3 09:21:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dab15b656aeaee250cb2b3536ae3129b2818b7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:ea:6c:c3:5f:a0:c8:20:7d:1c:14:eb:c1:
34:4f:46:fc:fc:d6:ef:4f:fe:b8:70:1b:be:35:30:
96:83:fb:b4:5c:cd:9d:fe:0d:5c:1b:cd:a3:50:16:
2f:bf:7a:2d:c7:18:a9:ac:8e:5c:ca:a0:ed:63:3c:
d8:b7:ae:a6:98:e3:b1:12:80:84:28:27:6a:36:77:
fe:c6:2d:0d:99:4e:90:49:85:e0:32:75:2e:c1:b5:
5c:99:23:81:50:4b:0a:c5:e3:1c:5d:64:99:9f:5b:
84:03:65:b0:c9:c7:44:b7:2e:d3:e6:aa:3c:e4:d3:
d5:2d:12:04:e4:61:a4:04:4d:7d:59:1f:5e:3f:0a:
b3:69:40:8c:6f:84:26:00:c3:f5:84:8d:da:3f:53:
52:71:69:c6:2a:a4:c1:d3:1c:aa:5d:63:4d:f8:fd:
a8:f3:6c:55:0b:a7:76:8b:0d:66:92:76:ec:28:0c:
96:2d:fe:08:9e:ca:9c:22:f1:e8:97:c6:0f:5c:b7:
58:49:de:f7:df:d7:5a:e1:c5:07:b7:a0:30:04:d2:
05:7f:3f:a3:59:0b:91:53:f7:56:e8:a8:c3:23:6e:
88:1a:39:5e:b7:d7:48:4d:77:ff:c8:d5:da:6f:ea:
f4:00:7d:dc:60:32:20:c4:99:e3:7f:be:db:a3:9c:
91:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B1:5B:65:6A:EA:EE:25:0C:B2:B3:53:6A:E3:12:9B:28:18:B7:DD
X509v3 Authority Key Identifier:
keyid:9A:4F:A9:A6:0A:5A:24:FF:E6:14:B6:DF:B5:88:13:D9:25:A3:B3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/2rFbZWrq7iUMsrNTauMSmygYt90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/mk-ppgpaJP_mFLbftYgT2SWjsxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.24.0/24
IPv6:
2a04:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:07:aa:e2:c8:4e:75:c7:b1:4c:03:b6:c8:e0:9a:ea:80:5e:
ed:6d:73:a2:7b:59:75:f6:fc:af:79:17:4c:86:ff:92:7a:8f:
e7:9a:61:d5:4f:a4:68:dd:ea:fc:0c:12:82:05:7c:a9:d1:43:
2d:40:11:79:be:dd:0c:d1:86:b2:a6:9f:9b:ae:a7:60:c4:24:
fd:59:85:bb:5e:ad:c9:5e:a9:9f:fb:0b:a7:fe:e2:44:d7:c2:
f9:9a:07:01:d3:c0:f7:14:08:e5:f4:5b:7d:bc:68:32:9b:bb:
b8:7e:fd:86:fa:d9:1b:d6:ca:b4:4a:f8:0a:c1:79:bc:fd:aa:
30:f9:33:78:ca:f4:e6:bd:a8:3e:6b:96:6a:d3:29:f2:cb:27:
53:97:d9:8d:6f:d9:88:53:c5:53:b2:84:7f:a1:96:64:43:15:
23:26:f3:d1:c4:6f:01:9f:55:45:91:eb:53:da:c2:c5:8f:d3:
8d:d7:cb:b7:7a:24:f9:eb:75:96:70:6f:63:0e:9d:ea:f4:54:
8c:c2:56:89:a8:a5:fa:1c:fa:0e:fd:ab:d3:ad:12:b7:e2:a8:
17:ee:eb:43:c9:40:53:fe:36:1b:37:7a:f0:c7:ea:d8:88:3e:
f7:7d:c4:a8:03:5b:ee:9e:27:44:b3:fc:bd:92:aa:58:b3:c4:
bb:e2:aa:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ8y/P3znbXLmg4U0NkPBIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGZhOWE2MGE1YTI0ZmZlNjE0YjZkZmI1ODgxM2Q5MjVh
M2IzMTgwHhcNMjIxMTAzMDkyMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIxNWI2NTZhZWFlZTI1MGNiMmIzNTM2YWUzMTI5YjI4MThiN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXvqbMNfoMggfRwU68E0T0b8/Nbv
T/64cBu+NTCWg/u0XM2d/g1cG82jUBYvv3otxxiprI5cyqDtYzzYt66mmOOxEoCE
KCdqNnf+xi0NmU6QSYXgMnUuwbVcmSOBUEsKxeMcXWSZn1uEA2WwycdEty7T5qo8
5NPVLRIE5GGkBE19WR9ePwqzaUCMb4QmAMP1hI3aP1NScWnGKqTB0xyqXWNN+P2o
82xVC6d2iw1mknbsKAyWLf4InsqcIvHol8YPXLdYSd7339da4cUHt6AwBNIFfz+j
WQuRU/dW6KjDI26IGjlet9dITXf/yNXab+r0AH3cYDIgxJnjf77bo5yR1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNqxW2Vq6u4lDLKzU2rjEpsoGLfdMB8GA1UdIwQY
MBaAFJpPqaYKWiT/5hS237WIE9klo7MYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWstcHBncGFKUF9tRkxiZnRZZ1QyU1dqc3hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81YjA0OTQtNWFkNi00ZWE0LTk1ZmEt
YTgzZDlkOTIwZDMxLzEvMnJGYlpXcnE3aVVNc3JOVGF1TVNteWdZdDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81YjA0OTQtNWFkNi00ZWE0LTk1ZmEtYTgzZDlkOTIwZDMx
LzEvbWstcHBncGFKUF9tRkxiZnRZZ1QyU1dqc3hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAH4AYMA0E
AgACMAcDBQMqBCtAMA0GCSqGSIb3DQEBCwUAA4IBAQAfB6riyE51x7FMA7bI4Jrq
gF7tbXOie1l19vyveRdMhv+Seo/nmmHVT6Ro3er8DBKCBXyp0UMtQBF5vt0M0Yay
pp+brqdgxCT9WYW7Xq3JXqmf+wun/uJE18L5mgcB08D3FAjl9Ft9vGgym7u4fv2G
+tkb1sq0SvgKwXm8/aow+TN4yvTmvag+a5Zq0ynyyydTl9mNb9mIU8VTsoR/oZZk
QxUjJvPRxG8Bn1VFketT2sLFj9ON18u3eiT563WWcG9jDp3q9FSMwlaJqKX6HPoO
/avTrRK34qgX7utDyUBT/jYbN3rwx+rYiD73fcSoA1vunidEs/y9kqpYs8S74qoV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:31 2024 by rpki-client on console-ams.rpki-client.org